監視制御通信におけるシーケンスを考慮した侵入検知
監視制御通信におけるシーケンスを考慮した侵入検知
カテゴリ: 論文誌(論文単位)
グループ名: 【C】電子・情報・システム部門
発行日: 2012/01/01
タイトル(英語): Intrusion Detection in Control Systems using Sequence Characteristics
著者名: 木内 舞((財) 電力中央研究所 システム技術研究所/東京工業大学大学院 総合理工学研究科),小野田 崇((財) 電力中央研究所 システム技術研究所/東京工業大学大学院 総合理工学研究科)
著者名(英語): Mai Kiuchi (Central Research Institute of Electric Power Industry/Tokyo Institute of Technology), Takashi Onoda (Central Research Institute of Electric Power Industry/Tokyo Institute of Technology)
キーワード: 監視制御システム,セキュリティ,侵入検知,シーケンス control system,security,intrusion detection,sequence
要約(英語): Intrusion detection is considered effective in control systems. Sequences of the control application behavior observed in the communication, such as the order of the control device to be controlled, are important in control systems. However, most intrusion detection systems do not effectively reflect sequences in the application layer into the detection rules. In our previous work, we considered utilizing sequences for intrusion detection in control systems, and demonstrated the usefulness of sequences for intrusion detection. However, manually writing the detection rules for a large system can be difficult, so using machine learning methods becomes feasible. Also, in the case of control systems, there have been very few observed cyber attacks, so we have very little knowledge of the attack data that should be used to train the intrusion detection system. In this paper, we use an approach that combines CRF (Conditional Random Field) considering the sequence of the system, thus able to reflect the characteristics of control system sequences into the intrusion detection system, and also does not need the knowledge of attack data to construct the detection rules.
本誌: 電気学会論文誌C(電子・情報・システム部門誌) Vol.132 No.1 (2012) 特集:確率的最適化と機械学習の統計的設計と応用
本誌掲載ページ: 14-20 p
原稿種別: 論文/日本語
電子版へのリンク: https://www.jstage.jst.go.jp/article/ieejeiss/132/1/132_1_14/_article/-char/ja/
受取状況を読み込めませんでした
